A vulnerability identified as problematic has been detected in guzzle psr7 up to 2.10.1 . This impacts the function Message::parseRequest . The manipulation leads to missing initialization of a variable. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2026-48998 . It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.